Process for transmitting sms messages with protected identity

ABSTRACT

The procedure for transmitting SMS messages with protected identity prevents the recipient of an SMS message from seeing the caller&#39;s telephone number, and therefore the corresponding personal data, but allows him to contact the caller by sending an SMS message. During the procedure, the service manager ciphers the user&#39;s telephone number, contained in the message header, and then subsequently deciphers it to restore the original telephone number.

DESCRIPTION

[0001] This invention relates to telephone network numerical transmission systems and in particular relates to a process for transmitting SMS messages with protected identity.

[0002] As is known, modern telecommunications systems permit the transmission of short SMS type messages (Short Message System), which can be written with the telephone keypad and displayed on the telephone's display, at the same time as the voice signal without causing reciprocal interference. This alphanumeric transmission, which until recently was the prerogative of the radio network mobile telephone systems, is now possible using suitable equipment connected to the fixed network, such as telephones, fax machines, electronic post boxes (E-mail), etc.

[0003] The SMS messages are made up of different fields. In the header of the message, there is a field that contains the user's telephone number and is called the OADC field (originator Address Destination Code), and in the body of the message, there are service and text fields. The user's telephone number permits the system manager to bill the call, and the recipient to identify the origin of the message. This feature, however, although necessary for the manager; may not be acceptable to the sender of the message or may, in fact, clash with the standards governing communication privacy, when for example the SMS messages are used for particular services, such as voting, prize-winning competitions, etc. The supplier of the final service must not be able to obtain the user's personal data via the telephone number, but must be able to reach the user by other means.

[0004] The methods currently employed to protect the identity of the caller using a voice telephone are not suitable for this purpose, as they normally work by making the last three figures of the telephone number illegible. This prevents user identification, but it also makes it impossible for the person receiving the call to call back.

[0005] Also known, from Document WO 00 76231, is a method for transmitting a message in a communications service operating through a mobile telephone network, permitting anonymous communications between system users. The telephone number of the sender of each message is replaced by the SMS centre with a virtual ID, and such correspondence is stored in a database. The user who receives the message, without being aware of the real telephone number, is able to reply using the virtual ID, as the SMS centre is able to associate the virtual ID to the correct number, consulting the database. Tlis solution implies structural changes in the mobile network, for the implementation of the database and for its cooperation with the SMS centre. Moreover the size of the database is not negligible and increases with the number of users.

[0006] Document EP 0 899 918 discloses a system for generating an alias source address in a different technical field, Le. for an electronic mail (e-mail) message. The system includes an alias source address substitutor that substitutes the alias source address for the real source address, using a secret key. This removes the real source address from the e-mail message and thereby renders the sender, located at the real source address, anonymous. Still, a reply e-mail can be sent by means of a remailer, e.g. by adoption of symmetric encryption algorithms. The procedure known from this document is, however, not transferrable to SMS messages, due to the specific structure of the SMS.

[0007] These difficulties are avoided and the aforesaid technical problems resolved by using the procedure for transmitting SMS messages with protected identity (the subject of this invention), which prevents the recipient of an SMS message from seeing the caller's telephone number, and therefore the corresponding personal data, but which allows him to contact the caller by sending an SMS message.

[0008] The subject of this invention is a procedure for transmitting SMS messages. with protected identity, as described in the characterising part of claim 1.

[0009] The foregoing and other characteristics of this invention will be made clearer by the following description of a preferred form of the invention, given by way of non-limiting example, and by the annexed drawings in which:

[0010]FIG. 1 represents a GSM type radio-mobile system in which the SMS messages are transmitted according to the invention.

[0011]FIG. 2 is a flow diagram showing the ciphering operation;

[0012]FIG. 3 is a flow diagram showing the deciphering operation.

[0013] During the procedure for transmitting SMS messages with protected identity, the service manager ciphers the user's telephone number contained in the message header in order to prevent the user's personal data being revealed, and subsequently deciphers it to restore the original telephone number.

[0014]FIG. 1 gives an example of a GSM radio-mobile system in which a TC cell phone with SIM card sends an SMS message with its telephone number displayed on the GSM network. The message is received and processed by the SMS message service center called SMSC (Short Message Service Center), and is then forwarded to the transit equipment, called GW, where the telephone number of the caller is ciphered. The GW equipment, also known as SMS Gateway, normally transforms the UDP messages (User Datagram Protocol) received from the SMSC into IP messages, which it then sends to the TCP/IP (Transmission Control Protocol/Internet Protocol) network via a TCP/IP router.

[0015] The modified message is then transmitted to its destination, which may be an FS services supplier that has a user database, DB, containing for example the user identification (ciphered number), the number of messages the user has sent, the sending dates, the information in the messages, etc.

[0016] If the FS services supplier cannot decipher the user's identity from the ciphered telephone number, it can still reply by using the ciphered number The SMS GW will then decipher the number to restore it to its original form, and then forward the message. The services supplier obviously cannot access the SMS GW and consequently cannot see the telephone number.

[0017] The user's telephone number is ciphered by using a suitable application consisting of a special algorithm.

[0018] It may be a good idea to select a symmetrical, invertible algorithm with a single password for ciphering/deciphering, which acts on the serial number flow to cipher data of different lengths. “Stream” type algorithms, which can cipher the data as they arrive, byte by byte, till the end, satisfy these requirements.

[0019] For the algorithm to be applied correctly, the original telephone number, consisting of a decimal vector, must have the following characteristics:

[0020] contain the international code;

[0021] does not begin with zero;

[0022] does not exceed 14 decimal figures, code included.

[0023] The application outputs a vector of maximum 16 figures. This limit is established by the dimension of the OADC field of the SMS message. The output vector consists of an initial ciphered part of no more than the number of figures of the telephone number input, i.e. 14, and a second part of two figures consisting of the index of the password used for the ciphering.

[0024] A table of 33 passwords is created, in which each password corresponds to an index. The 99 possible indexes that can be expressed with the two decimal figures available are used to transmit further information, as described in further detail below.

[0025] The table of cipher passwords is not included in the source code, but is dynamically generated each time the cipher/decipher application is started in the SMS GW block. The 33 passwords remain the same, but cannot be deduced from the application source code or from the mathematical algorithm used to calculate them. The algorithm used can be easily changed.

[0026] In particular, the password can be randomly selected from the table or it can be the same for the same telephone number, according to the value that the manager, upon request by the service supplier, assigns to a “Historic” Boolean variable considered by the application.

[0027] If this “Historic” variable is “true”, the service supplier can build up the story of the operations carried out by the mobile user, and stores it in an apparatus to which only the supplier can access. In this way, the service supplier can collect statistical data on the users and store the contents of individual messages, e.g. which user gave the correct answer in a prize-winning competition.

[0028] During the deciphering, the application inputs the vector with no more than 16 decimal figures, which contains the ciphered telephone number and the password index used for ciphering that occupies the last two vector positions.

[0029] The “true” “Historic” variable is not necessary for deciphering, because it can be deduced from the range of values to which the password index belongs.

[0030] In output, the application restores the original telephone number of no more than 14 decimal figures, without any zeroes at the beginning of the international code.

[0031] Further details of the individual operations for ciphering the user's telephone number are given in the flow diagram shown in FIG. 2.

[0032] After the initial stage 1, in which the telephone number in the message header OADC field is acquired, a check is made to see how many bytes it is made of, stage 2. If it is more than 14 bytes long, it is sent directly to the output, stage 13, without performing any operations. Otherwise, the telephone number is converted from the format used for SMS transmission into a decimal number format, stage 3. SMS format, in fact, consists of a vector of 14 bytes, each one of which represents a number from 0 to 9 of the telephone number, which must be converted into decimals so that it can be subjected to the subsequent operations.

[0033] The subsequent stage 4 checks whether the “Historic” Boolean variable has been set to “True”. If this is not the case, i.e. the logic value is “False”, a whole number less than 33 with the function called RAND(32) is randomly generated to obtain the password table index. Otherwise, the base 33 module operation is performed on the telephone number, with the MOD₃₃(OADC) function, to give an index which will always be the same for the same number, stage 6. As is known, the base 33 module operation consists in dividing the number by 33 until a remainder of less than 33 is obtained. This remainder is the password table index.

[0034] In the subsequent stage 7, if the telephone number and the password table index, calculated in one of the two ways described previously, are available, ciphering can be performed by using the “stream” symmetrical algorithm selected.

[0035] Stage 8 consists in checking how many decimal figures make up the ciphered number. If it consists of no more than 14 decimal figures, it is reconverted from the decimal number into a byte vector, suitable for the SMS message transmission, and two index bytes are added to the end, stage 12, to be restored at the end of operations, stage 13. If, however, it consists of more than 14 decimal figures, it is checked whether it is more or less than 2*10¹⁴, stage 9. If it is less than 2*10¹⁴, the index is increased by 33, stage 10, whereas if it is greater than or equal to 2*10¹⁴, the index is increased by 66, stage 11.

[0036] In this way, the password table index may be in one of three ranges 0-32, 33-65, 66-99, and consequently provide the information that the ciphered number includes a 15^(th) figure in addition to the 14 decimal figures, which may be respectively 0, 1 or 2. Obviously, the indexes that differ from 00, 33 or 66 always identify the same password.

[0037] As in the previous case, the decimal number is reconverted into a byte vector that includes the two index bytes, thus obtaining a vector of 16 bytes, stage 12, which is then output, stage 13.

[0038] Further details of the individual operations for deciphering the user's telephone number are given in the flow diagram shown in FIG. 3.

[0039] After an initial phase of initialisation, stage 20, in which the ciphered telephone number in the message OADC field is acquired, it is converted from its vectorial format, used for SMS transmission, into a decimal number by extracting the last two figures that represent the password table index, stage 21.

[0040] Stage 22 then checks the index value. If the index is less than 33, the corresponding password can be found and the deciphering can be performed directly, stage 27. The number obtained is once again reconverted into a vector suitable for SMS message transmission, stage 28, and then output, stage 29.

[0041] If, however, the index is greater or equal to 33, a check is made to see whether it is greater or equal to 66, stage 23. If it is, the ciphered telephone number is increased by 2*10¹⁴, stage 25, otherwise it is increased by 1*10¹⁴, stage 24, thus obtaining the original ciphered number In either case, the index is subjected to the base 33 module operation, stage 26, to obtain a value in the range 0-32, and is then deciphered, stage 27, reconverted into vectorial format, stage 28 and then completed, stage 29.

[0042] Obviously this description is given as a non-limiting example. Variants and modifications are possible, without emerging from the protection field of the claims. 

1. Process for the transmission of SMS messages with protected identity, in which the callers telephone number is contained in the header field (OADC) of the SMS messages sent, the SMS message sent by the user with his telephone number visible being received and processed by a SMS message service centre (SMSC), characterised by the fact that the SMS message is then forwarded to transit equipment (GW) where it is ciphered with an application based on a suitable algorithm, and then transmitted to its destination, which can not trace the identity of the user from the ciphered telephone number, but which can reply by using the ciphered number, due to the fact that the transit equipment (GW) is enabled to decipher the number and restore it to its original form, and then forward the call correctly.
 2. Process as per claim 1, characterised by the fact that said suitable algorithm is a symmetrical, invertible algorithm with a single password for ciphering/deciphering, suitable for acting on a serial number flow for ciphering data of different lengths.
 3. Process as per claim 1 or 2, characterised by the fact that said application each time creates a table of passwords, in which there is an index for each password, which can be randomly generated or can be the same for the same telephone number, depending on the value that the manager, upon request of the service supplier, assigns to a Boolean variable (Historic), which permits the called party to store the history of the operations performed by the calling user.
 4. Process as per any of claims 1 to 3, characterised by the fact that said application performs the ciphering operation as follows: acquires the visible telephone number (stage 1); checks to see how many bytes it consists of (stage 2); if the number exceeds 14 bytes, it is directly sent to the output (stage 13), without performing any operations; if the number does not exceed the first length, it is converted from the format used for SMS transmission into a decimal number format (stage 3); evaluates the logic value of the Boolean variable (Historic), (stage 4); if the Boolean variable has a first logic value False), it randomly generates a whole number that is less than the number of passwords to obtain the index of said table (stage 5); if the Boolean variable has a second logic value (True) it performs a module operation on the telephone number, using the number of passwords as base, obtaining an index that will always be the same for the same telephone number (stage 6); performs the ciphering operation using said algorithm (stage 7); checks how many decimal figures make up the ciphered number (stage 8); if the decimal figures are not more than a first number, it reconverts the ciphered number from the decimal number into a byte vector, suitable for SMS message tansmission (stage 12); if the decimal figures are more than the first number, it checks whether the ciphered number is greater than or equal to twice ten raised to the power of said first number (stage 9); if the ciphered number is smaller than twice ten raised to the power of said first number, the index of the password is increased by the number of passwords (stage 10); if the ciphered number is greater than or equal to twice ten raised to the power of said first number, the index of the password is increased twice by the number of passwords (stage 11); it reconverts the ciphered number from the decimal number into a byte vector including two index bytes (stage 12); ends the ciphering operation (stage 13).
 5. Process as per claim 4, characterised by the fact that said application performs the deciphering operation as follows: acquires the ciphered telephone number (stage 20); converts it from the format used for SMS transmission into a decimal number format, extracting the last two figures that represent the password table index (stage 21); checks the index value (stage 22); if the index is less than the password number, it obtains the corresponding password and carries out the deciphering directly (stage 27); if the index is greater or equal to the number of passwords, it decides whether it is twice or more the number of passwords (stage 23); if it is twice or more the number of passwords, the ciphered telephone number is increased by 2*10¹⁴ to the first number (stage 25); if it is less than twice the number of passwords, the ciphered telephone number is increased by 1*10¹⁴ to the first number (stage 24); if the index is greater or equal to the number of passwords, it subjects the index to the module operation using the number of passwords as the module base (stage 26); performs the deciphering (stage 27); reconverts the deciphered number into vectorial format (stage 28); ends the deciphering operation (stage 29). 